[Owasp-modsecurity-core-rule-set] Allowing z-push

Ryan Barnett RBarnett at trustwave.com
Sat Nov 13 11:59:22 EST 2010


I would put a space before your new entry for readability sake but this would still work. 

--
Ryan Barnett


On Nov 13, 2010, at 11:51 AM, "Arthur Dent" <misc.lists at blueyonder.co.uk> wrote:

> On Sat, 2010-11-13 at 10:58 -0500, Rcbarnett wrote:
>> You need to add the z-push content-type (application/vnd.ms-sync.wbxml) to the allowed content-type list in the 10 config file. 
> 
> I think that's done it Ryan. Thank you...
> 
> Just to be certain (I don't fully understand this) my
> modsecurity_crs_10_config.conf file now looks like this:
> 
> 
> SecAction "phase:1,t:none,nolog,pass, \
> setvar:'tx.allowed_methods=GET HEAD POST OPTIONS', \
> setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded multipart/form-data text/xml application/xml application/x-amf/application/vnd.ms-sync.wbxml', \
> setvar:'tx.allowed_http_versions=HTTP/0.9 HTTP/1.0 HTTP/1.1', \
> setvar:'tx.restricted_extensions=.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/', \
> setvar:'tx.restricted_headers=/Proxy-Connection/ /Lock-Token/ /Content-Range/ /Translate/ /via/ /if/'"
> 
> Is that right - or have I got the syntax wrong?
> 
> Cheers!
> 
> Mark
> 
> <signature.asc>
> _______________________________________________
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set



More information about the Owasp-modsecurity-core-rule-set mailing list